Webinoly is just the perfect tool for NGINX experts. Give it a try!
0 votes
by Rookie
edited by

Well, this is not a question, but a small guide for anyone wondering how to use root level domains on their subdomain WordPress multisite setup.

I'm using Amazon Lightsail instance, however, this can be adopted very easily for any VPS of your choice.

pre-requisites are obvious and an important A DNS record:

main/root domain: primary.com

secondary domain: secondary.com

secondary.com points to the same IP and that IP is attached to the same instance as the primary.com

(ie. you'll be making a new zone for secondary.com and A record points to the IP of primary.com)


Now, a small note about optional wildcard SSLs. If you want your 2 domains to have the flexibility of issuing subdomains from the WordPress backend itself, without the need to tinker CNAME, every time you add a new subdomain, then you are required to add some new A record DNS.

*.primary.com pointing to the IP of the instance.

*.secondary.com pointing to the IP of the instance.

Having said that, I have added notes in parenthesis for the following bash commands where you are required to add some additional params specifically for deploying wildcard SSLs.

Please note, wildcard certs are not necessary for domain mapping (neither primary nor secondary), but absolutely must if you have plans to use something like this sub1.primary.com, sub1.secondary.com, sub2.secondary.com in future. No harm in deploying wildcards in the first place, as you'll have the flexibility from the get-go.

Now navigate to SSH

site primary.com -wp -cache=on

site primary.com -ssl=on
(use the following instead if you need subdomains on primary.com
site primary.com -ssl=on -wildcard)

site primary.com -multisite-convert

site secondary.com -parked=primary.com

site secondary.com -ssl=on -root=primary.com
(use the following instead if you need subdomains on secondary.com
site secondary.com -ssl=on -wildcard -root=primary.com)

Now, add a new WordPress subdomain on your primary: Sites > Add New

Site URL: secondary.primary.com (I usually use the TLD itself as the subdomain for easy management, you can choose any, as we'll be changing this value again in next step)

Use any title and admin email of your choice then click Add.

Navigate to the newly added subdomain and change the Site URL from the subdomain to https://secondary.com

That's it, your secondary domain will resolve form WordPress multisite which is managed by your primary domain.

by Expert
No, you cannot use a Wildcard cert on two different domains.

Why do you recommend disabling HTTP auth for WP login?
by Rookie
Totally optional to disable HTTP auth.

Interestingly, I was able to install the secondary domain with SSL enabled. It definitely asked me twice for the acme verification. I didn't check if it was wildcard or not, but correct SSL was issued for the secondary domain. I will check back and confirm.

If it wasn't wildcard, then "-wildcard" param could be removed for secondary domain.

I have edited my post.
by Expert

 (according to author, wildcard for parked domains are not supported yet, hence -wildcard param removed)

Where/when did I say it? That's totally a lie!

The thing is that you don't even need a Wildcard domain for this particular example/tutorial. It's totally wrong recommending this as a correct solution.

You can find an example of this in our Full Example and Tutorial we have a section dedicated to WordPress Multisite with Domain Mapping.

by Rookie
edited by
I'm issuing wildcards for secondary.com to future-proof it so it becomes scalable to use subdomains with it as and when need arises. That is all.

"You cannot use a Wildcard on two different domain". Can you expand it further?

When did I accuse you of lying? That is just what I assumed, on basis of what you wrote first. I even communicated in the follow up post. Also, I never claimed my solution is 100% "correct solution", fool-proof and that it must be taken as is.

1 Answer

0 votes
by Expert

Thanks for your contribution!

The thing is that you are recommending some not so accurate things and it can result confusing for people reading this post:

  • You suggest that a Wildcard cert is a must for domain mapping. That's wrong!
  • You suggest that HTTP Auth must be disabled for domain mapping. That's wrong!
  • And now, you are saying that I said that parked domains are not supported for Wildcard certs. That's wrong! I never said that!
Please, you need to be more accurate when you are recommending things that other people will read and some of them will take it as if it was the truth because they read it here.
by Rookie
I've made my first post more accurate.
Welcome to the Community site for Webinoly.

Our Optimized LEMP Web Server is a powerful set of commands for doing just about anything you could wish.

With Webinoly you can set up your NGINX web server in just one step.

* * * * * * *

To report a bug, please create a new issue on GitHub or ask a question here with the bug tag.
Webinoly Support Paypal Donations

PayPal · GitHub Sponsors · Bitcoin

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.